Commit 511152b2afadba4826e747745fe443b43214c2f4

Authored by Jacob Vosmaer
1 parent 37ca6953

Defer LDAP defaults to upstream

Omnibus-gitlab should not have its own set of LDAP defaults. Either the
user adds a setting in /etc/gitlab/gitlab.rb, or gitlab-rails picks a
default value. Prior to this change, omnibus-gitlab would augment the
user settings in /etc/gitlab/gitlab.rb with its own set of defaults,
which is confusing and leads to configuration errors.
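--- a/files/gitlab-cookbooks/gitlab/attributes/default.rb
+++ b/files/gitlab-cookbooks/gitlab/attributes/default.rb
@@ -78,16 +78,16 @@ default['gitlab']['gitlab-rails']['gravatar_enabled'] = true
 default['gitlab']['gitlab-rails']['gravatar_plain_url'] = nil
 default['gitlab']['gitlab-rails']['gravatar_ssl_url'] = nil
 default['gitlab']['gitlab-rails']['ldap_enabled'] = false
-default['gitlab']['gitlab-rails']['ldap_host'] = "_your_ldap_server"
-default['gitlab']['gitlab-rails']['ldap_base'] = "_the_base_where_you_search_for_users"
-default['gitlab']['gitlab-rails']['ldap_port'] = 636
-default['gitlab']['gitlab-rails']['ldap_uid'] = "sAMAccountName"
-default['gitlab']['gitlab-rails']['ldap_method'] = "ssl"
-default['gitlab']['gitlab-rails']['ldap_bind_dn'] = "_the_full_dn_of_the_user_you_will_bind_with"
-default['gitlab']['gitlab-rails']['ldap_password'] = "_the_password_of_the_bind_user"
-default['gitlab']['gitlab-rails']['ldap_allow_username_or_email_login'] = true
-default['gitlab']['gitlab-rails']['ldap_user_filter'] = ""
-default['gitlab']['gitlab-rails']['ldap_group_base'] = ""
+default['gitlab']['gitlab-rails']['ldap_host'] = nil
+default['gitlab']['gitlab-rails']['ldap_base'] = nil
+default['gitlab']['gitlab-rails']['ldap_port'] = nil
+default['gitlab']['gitlab-rails']['ldap_uid'] = nil
+default['gitlab']['gitlab-rails']['ldap_method'] = nil
+default['gitlab']['gitlab-rails']['ldap_bind_dn'] = nil
+default['gitlab']['gitlab-rails']['ldap_password'] = nil
+default['gitlab']['gitlab-rails']['ldap_allow_username_or_email_login'] = nil
+default['gitlab']['gitlab-rails']['ldap_user_filter'] = nil
+default['gitlab']['gitlab-rails']['ldap_group_base'] = nil
 default['gitlab']['gitlab-rails']['satellites_path'] = "/var/opt/gitlab/git-data/gitlab-satellites"
 default['gitlab']['gitlab-rails']['backup_path'] = "/var/opt/gitlab/backups"
 default['gitlab']['gitlab-rails']['backup_keep_time'] = nil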
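Review bot: With `ldap_method` and `ldap_port` now `nil`, an installation that enabled LDAP and relied on the old omnibus defaults of `"ssl"` and 636 will, after upgrade, get whatever gitlab-rails chooses; those upstream values are not visible in this commit. If upstream picks an unencrypted method, the bind password and user logins would cross the network in cleartext without any edit to /etc/gitlab/gitlab.rb. I would add a comment above this group, `# LDAP settings are nil so gitlab-rails supplies the default; set ldap_method and ldap_port explicitly in gitlab.rb`, and state the same in the release notes. The same concern applies to `ldap_uid`, which no longer defaults to `"sAMAccountName"`.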
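--- a/files/gitlab-cookbooks/gitlab/templates/default/gitlab.yml.erb
+++ b/files/gitlab-cookbooks/gitlab/templates/default/gitlab.yml.erb
@@ -119,12 +119,12 @@ production: &base
 # bundle exec rake gitlab:ldap:check RAILS_ENV=production
 ldap:
 enabled: <%= @ldap_enabled %>
- host: '<%= @ldap_host %>'
+ host: <%= single_quote(@ldap_host) %>
 port: <%= @ldap_port %>
- uid: '<%= @ldap_uid %>'
- method: '<%= @ldap_method %>' # "tls" or "ssl" or "plain"
- bind_dn: '<%= @ldap_bind_dn %>'
- password: '<%= @ldap_password %>'
+ uid: <%= single_quote(@ldap_uid) %>
+ method: <%= single_quote(@ldap_method) %> # "tls" or "ssl" or "plain"
+ bind_dn: <%= single_quote(@ldap_bind_dn) %>
+ password: <%= single_quote(@ldap_password) %>
 # If allow_username_or_email_login is enabled, GitLab will ignore everything
 # after the first '@' in the LDAP username submitted by the user on login.
 #
@@ -140,20 +140,20 @@ production: &amp;base
 #
 # Ex. ou=People,dc=gitlab,dc=example
 #
- base: '<%= @ldap_base %>'
+ base: <%= single_quote(@ldap_base) %>
 
 # Filter LDAP users
 #
 # Format: RFC 4515
 # Ex. (employeeType=developer)
 #
- user_filter: '<%= @ldap_user_filter %>'
+ user_filter: <%= single_quote(@ldap_user_filter) %>
 
 # Base where we can search for groups
 #
 # Ex. ou=Groups,dc=gitlab,dc=example
 #
- group_base: '<%= @ldap_group_base %>'
+ group_base: <%= single_quote(@ldap_group_base) %>
 
 ## OmniAuth settings
 omniauth: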
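Review bot: The definition of `single_quote` is not part of these hunks, so two behaviours need confirming before it wraps `bind_dn`, `password` and the other LDAP fields. For `nil` it presumably has to emit nothing, so the key parses as YAML null and gitlab-rails applies its own default rather than an empty string. For a string it should double any embedded `'`, because a bind password or DN containing one would otherwise end the scalar early and produce invalid or differently parsed YAML. Something like `value.nil? ? nil : "'#{value.to_s.gsub("'", "''")}'"` covers both cases. The `allow_username_or_email_login` line sits between the two hunks and is not shown; it should render a `nil` attribute as an empty value as well.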